ScanMalware.com

Security Scan Report: csp.nccgroup.com

Redirected to:
https://nccgroup-prod.eu.auth0.com/u/login/identifier?state=hKFo2SBoY2...
Submitted: Apr 4, 2026, 12:06:40 PMCompleted: Apr 4, 2026, 12:08:02 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 1 country across 5 domains to perform 1 HTTP transaction. The main domain is nccgroup-prod.eu.auth0.com and was registered NaN years ago.

Submitted URL: https://csp.nccgroup.com

Effective URL: https://nccgroup-prod.eu.auth0.com/u/login/identifier?state=hKFo2SBoY29sQnJNWmc3SHdyMUNUWWxybUVXVUw1SG96VjVILaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHpISjRiWHluX1Z0WUc4SzI0RS1zOUlaYUNvbFFEbEdBo2NpZNkgbXNvZXpsWTZwM2dmc1FpYmx5QnhpU1hVbWZsNzRKcUsRedirected

The Cisco Umbrella rank of the primary domain is #463,914 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 92%

2
Risk Score

Legitimate NCC Group login page; low risk.

Risk Factors
Low Cisco Umbrella ranking for brand claim (rank 463,914)
Safety Factors
Domain age > 10,000 days indicates long‑standing legitimate site
Uses reputable authentication provider (Auth0)
No credential exfiltration detected in JavaScript analysis
Only one login form with standard email/password fields
No malicious JavaScript YARA patterns detected
Domain age information unavailable

Details

Page Title

Log in | Cyber Services Portal

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(43%)

Domain Information

The domain name 'csp.nccgroup.com' uses the commercial generic top-level domain (.com) with subdomain 'csp'. Its registrable label 'nccgroup' stretches across 8 characters containing 2 vowels alongside 6 consonants. Tokenizing the label suggests two words: ncc, group. Expect four characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://csp.nccgroup.com

Page Load Overview

3.59s
Total Load Time
19
HTTP Requests
5
Domains
619 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:171 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software43% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

technology software
43%
government public service
35%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
718.67.13.30United States
AS16509Amazon.com, Inc.
3104.18.34.171United States
AS13335Cloudflare, Inc.
318.245.46.30United StatesUnknown
318.66.147.16United States
AS16509Amazon.com, Inc.
313.33.223.41New York, New York, United States
AS16509Amazon.com, Inc.
195--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A0132BC971D230736AA71175509F604AB23579979C0E8900B53EE6D43FBCEDA9B23E8C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:q6eymIymT1PrfJ94iKd/jsu4BYOyLk0zD8SRo5KiowLf0zWqvbqGhUDW96:ddfJ94iK+u4GLl8Yo5/LTqzqEUyM

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:41700:bvpioQSESARUcQdEBwmKDBdQQExYolAwGDACGWEwCJwC9lCRGwkaIu4uwKJbAMghIBkclIuvKtjwxEAJIJAQqMJOCE4WGhos

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffe7e7e7e7ffff
Perceptual Hash:b3cccc33998c6666
Difference Hash:00000c084c4d0008
Wavelet Hash:fce4e4e42424243c
Color Hash:#d28c79

Other Hashes

Crop Resistant:00000c084c4d0008

Scan History

Scan history not available

Unable to load historical scan data